Hey Paul, Thank you for replying and sorry for the delay. Really busy this time of year. This is what I'm working with from a diagram standpoint, see attached DMVPN.PNG in zip. In addition, see attached both hubs(all 4 configurations) and one of the spoke locations(both configurations). (notepad++ recommended). The problem is when, for example, I fail over from WE-SB-CRT-01 to 02. When I try to ping the WE-GC-CSW-01, it won't ping because that side's HSRP hasn't failed over. I assume it's because each switch has the route of 0.0.0.0 0.0.0.0 10.X.10.1 configured which is the virtual ip address. If this is true, what is the best practice for switches to communicate up and out so that I don't have this routing issue in a fail over scenario?
... View more
What if site 2 and site 3 has two routers using HSRP for internal but cannot share MPLS or Internet between them? I can get the tunnels to work and can ping the local address on the LAN interface but anything beyond that for the backup router doesn't work until both the Hub and spoke fail over to the secondary routers. A bit of a problem if I took this design to scale. thoughts?
... View more
I posted this on the Cisco learning forum on a tutorial I'm following but I'm adjusting it a little bit, I ran into a wall that I'm not sure how to resolve. The topology is the following way:
DMVPN version 3 Router 1(10.1.1.5) - Hub Location A - through MPLS - to Router 1(10.2.1.5) - Spoke Location A - Router EIGRP 10
Router 2(10.1.1.6) - Hub Location A - through Internet - to Router 2(10.2.1.6) - Spoke Location A - Router EIGRP 11 HSRP between the two devices with the virtual IP of .1. .5 has priority There is another Spoke location as well just to simulate remote site connectivity(10.3.1.X) Tunnels establish, I can ping the LAN address of .5 while on remote .5 and vice versa. Same for .6 side as well. Switches below can ping the routers and remote site devices through the primary path just fine. The problem i'm running into is when a Spoke has to fail over to the secondary router, I cannot ping anything inside of the hub location except the Hub .6 address. If I fail over hub .6, I can ping that and everything below it just fine, so I think this tells me it is a routing issue? This poses a problem with Spoke fail over as I'd have to essentially fail over the entire rest of the design just for everything to function. Big problem if I were to try to manifest this into production. So the question I have is, how do I fail over a Remote Spoke and still be able to communicate to everything in that Hub? This is what I'm following but added a second router in each location and moved the second tunnel to the second router:
Do I need two have different Router eigrp for each tunnel? If so, do I create static routes? If so, what does that static route look like and where would I place it? Currently the switches .21 point to .1 the virtual ip. So I believe that is where my routing problem resides.
Thank you kindly in advance.
... View more